[Secure-testing-commits] r19235 - in data: . CVE

Jonathan Wiltshire jmw at alioth.debian.org
Sun May 13 13:49:06 UTC 2012 

Author: jmw
Date: 2012-05-13 13:49:06 +0000 (Sun, 13 May 2012)
New Revision: 19235

Modified:
   data/CVE/list
   data/next-point-update.txt
Log:
6.0.5 point release

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-05-13 11:58:01 UTC (rev 19234)
+++ data/CVE/list	2012-05-13 13:49:06 UTC (rev 19235)
@@ -4062,7 +4062,7 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2012/05/03/4
 CVE-2012-0946 (The NVIDIA UNIX driver before 295.40 allows local users to access ...)
 	- nvidia-graphics-drivers 295.40-1
-	[squeeze] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
+    [squeeze] - nvidia-graphics-drivers 195.36.31-6squeeze1
 CVE-2012-0945
 	RESERVED
 CVE-2012-0944
@@ -4400,7 +4400,7 @@
 CVE-2012-0824
 	RESERVED
 	- gnusound <removed> (low; bug #654270)
-	[squeeze] - gnusound <no-dsa> (Minor issue)
+    [squeeze] - gnusound 0.7.5-3+squeeze1
 CVE-2012-0823 (VP8 Codec SDK (libvpx) before 1.0.0 "Duclair" allows remote attackers ...)
 	- libvpx 1.0.0-1
 	[squeeze] - libvpx <not-affected> (Introduced in 0.9.7)
@@ -4432,7 +4432,7 @@
 	- rpm 4.9.1.3-1 (bug #667031)
 CVE-2012-0814 (The auth_parse_options function in auth-options.c in sshd in OpenSSH ...)
 	- openssh 1:5.6p1-1 (low; bug #657445)
-	[squeeze] - openssh <no-dsa> (Minor issue)
+    [squeeze] - openssh-server 1:5.5p1-6+squeeze2
 CVE-2012-0813 [wicd cleartext passwords]
 	RESERVED
 	- wicd 1.7.1~b3-4 (unimportant; bug #652417)
@@ -6541,7 +6541,7 @@
 	- openarena 0.8.5-6 (medium; bug #665656)
 	- ioquake3 <not-affected> (fixed before upload)
 	- tremulous 1.1.0-8 (bug #665842)
-	[squeeze] - tremulous <no-dsa> (Contrib not supported)
+    [squeeze] - tremulous 1.1.0-7~squeeze1
 CVE-2010-5076
 	RESERVED
 	- qt4-x11 4:4.6.3-1
@@ -7686,7 +7686,7 @@
 CVE-2011-4617 (virtualenv.py in virtualenv before 1.5 allows local users to overwrite ...)
 	- python-virtualenv 1.6-1 (low; bug #652653)
 	[lenny] - python-virtualenv <no-dsa> (Minor issue)
-	[squeeze] - python-virtualenv <no-dsa> (Minor issue)
+    [squeeze] - python-virtualenv 1.4.9-3squeeze1
 CVE-2011-4616 (Cross-site scripting (XSS) vulnerability in the HTML-Template-Pro ...)
 	- libhtml-template-pro-perl 0.9507-1 (low; bug #652587)
 	[squeeze] - libhtml-template-pro-perl 0.9502-1+squeeze1
@@ -9264,7 +9264,7 @@
 CVE-2011-4099
 	RESERVED
 	- libcap2 1:2.22-1 (low)
-	[squeeze] - libcap2 <no-dsa> (Minor issue)
+    [squeeze] - libcap2 1:2.19-3
 CVE-2011-4098
 	RESERVED
 CVE-2011-4097
@@ -12586,7 +12586,7 @@
 	[squeeze] - openarena <no-dsa> (Minor issue, will be fixed in point update)
 	- ioquake3 1.36+svn1946-4
 	- tremulous 1.1.0-6 (bug #660836)
-	[squeeze] - tremulous <no-dsa> (Contrib not supported)
+    [squeeze] - tremulous 1.1.0-7~squeeze1
 CVE-2011-3011 (BaseServiceImpl.class in CA ARCserve D2D r15 does not properly handle ...)
 	NOT-FOR-US: CA ARCserve D2D
 CVE-2011-3010 (Multiple cross-site scripting (XSS) vulnerabilities in TWiki before ...)
@@ -13535,7 +13535,7 @@
 	[squeeze] - openarena 0.8.5-5+squeeze1
 	- ioquake3 1.36+svn1946-4
 	- tremulous 1.1.0-6 (bug #660836)
-	[squeeze] - tremulous <no-dsa> (Contrib not supported)
+    [squeeze] - tremulous 1.1.0-7~squeeze1
 CVE-2011-2763 (The web interface on the LifeSize Room appliance LS_RM1_3.5.3 (11) and ...)
 	NOT-FOR-US: LifeSize Room appliance
 CVE-2011-2762 (The web interface on the LifeSize Room appliance LS_RM1_3.5.3 (11) ...)
@@ -13635,8 +13635,8 @@
 CVE-2011-2725 [ark directory traversal]
 	RESERVED
 	- kdeutils 4:4.6.5-4 (low; bug #635541)
-	[squeeze] - kdeutils <no-dsa> (Minor issue)
 	[lenny] - kdeutils <no-dsa> (Minor issue)
+    [squeeze] - kdeutils 4:4.4.5-1+squeeze1
 CVE-2011-2724 (The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs ...)
 	- samba 2:3.4.7~dfsg-2 (low)
 	- cifs-utils 2:5.1-1 (low)
@@ -16277,7 +16277,7 @@
 CVE-2011-1784 (The pidfile_write function in core/pidfile.c in keepalived 1.2.2 and ...)
 	- keepalived 1:1.2.2-2 (low; bug #626281)
 	[lenny] - keepalived <no-dsa> (Minor issue)
-	[squeeze] - keepalived <no-dsa> (Minor issue)
+    [squeeze] - keepalived 1:1.1.20-1+squeeze1
 CVE-2011-1783 (The mod_dav_svn module for the Apache HTTP Server, as distributed in ...)
 	{DSA-2251-1}
 	- subversion 1.6.17dfsg-1
@@ -90718,11 +90718,11 @@
 CVE-2006-3325 (client/cl_parse.c in the id3 Quake 3 Engine 1.32c and the Icculus ...)
 	- ioquake3 1.36+svn1788j-1
 	- tremulous 1.1.0-6 (bug #660834)
-	[squeeze] - tremulous <no-dsa> (Contrib not supported)
+    [squeeze] - tremulous 1.1.0-7~squeeze1
 CVE-2006-3324 (The Automatic Downloading option in the id3 Quake 3 Engine and the ...)
 	- ioquake3 1.36+svn1788j-1
 	- tremulous 1.1.0-6 (bug #660832)
-	[squeeze] - tremulous <no-dsa> (Contrib not supported)
+    [squeeze] - tremulous 1.1.0-7~squeeze1
 CVE-2006-3323 (PHP remote file inclusion vulnerability in admin/admin.php in MF ...)
 	NOT-FOR-US: MF Piadas
 CVE-2006-3322 (SQL injection vulnerability in includes/functions_logging.php in ...)
@@ -91701,7 +91701,7 @@
 	NOT-FOR-US: PHP Pro Publish
 CVE-2006-2875 (Stack-based buffer overflow in the CL_ParseDownload function of Quake ...)
 	- tremulous 1.1.0-6 (bug #660827)
-	[squeeze] - tremulous <no-dsa> (Contrib not supported)
+    [squeeze] - tremulous 1.1.0-7~squeeze1
 	- ioquake3 1.36+svn1788j-1
 CVE-2006-2874 (Unspecified vulnerability in OSADS Alliance Database before 1.4 has ...)
 	NOT-FOR-US: OSADS
@@ -93221,7 +93221,7 @@
 	- awstats 6.5-2 (bug #365909; bug #365910; medium)
 CVE-2006-2236 (Buffer overflow in the Quake 3 Engine, as used by (1) ET 2.60, (2) ...)
 	- tremulous 1.1.0-6 (bug #660827)
-	[squeeze] - tremulous <no-dsa> (Contrib not supported)
+    [squeeze] - tremulous 1.1.0-7~squeeze1
 	- ioquake3 1.36+svn1788j-1
 CVE-2006-2235 (CodeMunkyX (aka free-php.net) Simple Poll 1.0, when authentication is ...)
 	NOT-FOR-US: Simple Poll
@@ -93581,7 +93581,7 @@
 CVE-2006-2082 (Directory traversal vulnerability in Quake 3 engine, as used in ...)
 	- ioquake3 1.36+svn1788j-1
 	- tremulous 1.1.0-6 (bug #660831)
-	[squeeze] - tremulous <no-dsa> (Contrib not supported)
+    [squeeze] - tremulous 1.1.0-7~squeeze1
 CVE-2006-2081 (Oracle Database Server 10g Release 2 allows local users to execute ...)
 	NOT-FOR-US: Oracle
 CVE-2006-2080 (SQL injection vulnerability in portfolio_photo_popup.php in Verosky ...)

Modified: data/next-point-update.txt
===================================================================
--- data/next-point-update.txt	2012-05-13 11:58:01 UTC (rev 19234)
+++ data/next-point-update.txt	2012-05-13 13:49:06 UTC (rev 19235)
@@ -1,34 +0,0 @@
-CVE-2011-4617
-	[squeeze] - python-virtualenv 1.4.9-3squeeze1
-CVE-2012-0824
-	[squeeze] - gnusound 0.7.5-3+squeeze1
-CVE-2009-5029
-	[squeeze] - eglibc 2.11.3-3
-CVE-2012-0814 
-	[squeeze] - openssh-server 1:5.5p1-6+squeeze2
-CVE-2011-2764
-	[squeeze] - tremulous 1.1.0-7~squeeze1
-CVE-2011-3012
-	[squeeze] - tremulous 1.1.0-7~squeeze1
-CVE-2006-3325
-	[squeeze] - tremulous 1.1.0-7~squeeze1
-CVE-2006-3324
-	[squeeze] - tremulous 1.1.0-7~squeeze1
-CVE-2006-2875
-	[squeeze] - tremulous 1.1.0-7~squeeze1
-CVE-2006-2236
-	[squeeze] - tremulous 1.1.0-7~squeeze1
-CVE-2006-2082
-	[squeeze] - tremulous 1.1.0-7~squeeze1
-CVE-2011-1784
-	[squeeze] - keepalived 1:1.1.20-1+squeeze1
-CVE-2011-4099
-	[squeeze] - libcap2 1:2.19-3
-CVE-2011-2725
-	[squeeze] - kdeutils 4:4.4.5-1+squeeze1
-CVE-2010-5077
-        [squeeze] - tremulous 1.1.0-7~squeeze1
-CVE-2012-0946
-	[squeeze] - nvidia-graphics-drivers 195.36.31-6squeeze1
-
-

More information about the Secure-testing-commits mailing list